IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user.
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Qradar_security_information_and_event_manager | Ibm | 7.5.0 (including) | 7.5.0 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_1 (including) | 7.5.0-update_pack_1 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_10 (including) | 7.5.0-update_pack_10 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_11 (including) | 7.5.0-update_pack_11 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_12 (including) | 7.5.0-update_pack_12 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_2 (including) | 7.5.0-update_pack_2 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_3 (including) | 7.5.0-update_pack_3 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_4 (including) | 7.5.0-update_pack_4 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_5 (including) | 7.5.0-update_pack_5 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_6 (including) | 7.5.0-update_pack_6 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_7 (including) | 7.5.0-update_pack_7 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_8 (including) | 7.5.0-update_pack_8 (including) |
Qradar_security_information_and_event_manager | Ibm | 7.5.0-update_pack_9 (including) | 7.5.0-update_pack_9 (including) |
While logging all information may be helpful during development stages, it is important that logging levels be set appropriately before a product ships so that sensitive user data and system information are not accidentally exposed to potential attackers. Different log files may be produced and stored for: